package auctionhausen

class AuthFilters {

	def filters = {
		all(controller:'customer', action:'login', invert:true) {
			before = {

				// No authentication required for these.
				if (controllerName == 'listing' && (actionName == 'index' || actionName == 'list' || actionName == 'show'))
				{
					return true
				}
				// Or these.
				else if (controllerName == 'customer' && (actionName == 'login' || actionName == 'register'))
				{
					return true
				}

				// Must at least be logged in to access all other pages.
				if (!session.user)
				{
					flash.message = "Must be logged in to access this resource."
					redirect(controller: 'customer', action: 'login')
					return false
				}
				// Must be logged in and be an administrator to access these.
				else if (!session.user.isAdmin && controllerName == 'customer' && (actionName == 'list' || actionName == 'show' || actionName == 'edit' || actionName == 'create'))
				{
					flash.message = "Not so fast! You have insufficient privileges to access requested screen - redirecting to home screen."
					redirect(controller: 'listing', action: 'list')
					return false
				}
			}
		}
	}
}
